Juniper Turns Screws on Content-Security Vendors

The world has become a gloomy place for content- and messaging-security vendors that have yet to find a permanent dance partner among the security industry’s titans.

Increasingly, the window of opportunity that the big players left open to innovative smaller companies is closing.

Firewall vendors initially failed to respond to application-layer exploits and vulnerabilities that afflicted email, instant messaging, and web-based applications. Since a firewall essentially opens and closes ports, leaving open ports for legitimate applications and shutting down others, most of the major vendors’ firewalls failed to thoroughly inspect incoming traffic on well-known application ports, such as port 25 (SMTP) for email, port 80 (HTTP) for web traffic, and various IM-related ports.

Sensing an opportunity, smaller vendors leapt at the opening to provide inbound security solutions, often in the form of software-based appliances. These offerings provided an inline or parallel means of filtering and scrubbing application-specific traffic that perimeter-based firewalls assumed to be safe and secure.

There were threats in that traffic, of course, especially in email, which was rife with spam, worms, and viruses. A entire market segment came into being, populated with vendors such as IronPort, CipherTrust (recently acquired by Secure Computing), Proofpoint, Mirapoint, Barracuda, and scores of others.

All of the aforementioned players sold email-security appliances, and they were joined by others who sold server-based software or hosted email-security services, with Postini and FrontBridge (now owned by Microsoft) serving as examples of the latter.

Many of these companies were amply funded by venture capitalists, who, like many market analysts from companies such as Gartner and IDC, were convinced that the market was primed for heady growth for years to come.

It hasn’t quite worked out that way, unfortunately.

The market is growing, yes, but not nearly at the pace or on the scale that was forecast by the most optimistic of the market analysts. What’s more, a few moves by larger players — Symantec’s acquisition in 2004 of Brightmail, Microsoft’s acquisition of FrontBridge, Secure Computing’s decision to buy CipherTrust — have severely cut the legs out from under the smaller players who had hoped to have been either public companies by now or to have been bought by one of the industry’s major players.

But the industry’s other major players — McAfee, Trend, Cisco, Juniper — either have chosen to remain on the sidelines or internally develop their own messaging-security solutions. It seems that nearly every antivirus vendor now has a line of appliances that provide inbound messaging security, web security, or both.

As for the networking vendors — Cisco and Juniper — they have chosen to bolster their firewalls with organic development rather than venturing outside their companies to make acquisitions.

Cisco has followed a similar course in beefing up its firewalls and routers to deliver content-security capabilities, and both companies also are working to fill out network access control (NAC) architectures.

So, where does that leave the companies who staked their claim as content-security pure plays? Well, it leaves them scrambling to redefine themselves, trying to find an area — reputation networks, web-services security, outbound content filtering, compliance offerings — where they can, perhaps, sustainably differentiate themselves from the big boys.

Sometimes, when market windows close, there isn’t much of a warning. The window can slam down like a guillotine on those that haven’t been paying close attention to what’s happening around them.